DocumentCode :
2593688
Title :
Multicast-specific security threats and counter-measures
Author :
Ballardie, Tony ; Crowcroft, Jon
Author_Institution :
Dept. of Comput. Sci., Univ. Coll. London, UK
fYear :
1995
fDate :
16-17 Feb 1995
Firstpage :
2
Lastpage :
16
Abstract :
Security issues in multicast communication have rarely been touched upon to date. We believe that wide-area multicast communication is at a substantially increased risk from specific security threats, compared with the same threats in unicast. This arises both from the lack of any form of effective group access control, and from the fact that multicast traffic traverses potentially many more communication links than does a single unicast communication, thereby creating more opportunity for a link attack. We discuss specific threats that are relevant to multicast, and explain why they are so. We propose security mechanisms specifically for multicast groups requiring safeguards that afford protection against some of these threats. More precisely, we propose a version of the IGMP protocol that can reliably enforce subnet-level group access control. We also describe a scalable mechanism to control multicast traffic in transit that can, for example, prevent a misbehaving source from causing undue congestion over the wide-area
Keywords :
access protocols; authorisation; internetworking; local area networks; telecommunication channels; telecommunication links; wide area networks; IGMP protocol; communication links; congestion; effective group access control; link attack; misbehaving source; multicast traffic; multicast traffic control; multicast-specific security threats; protection; safeguards; scalable mechanism; security threat counter-measures; subnet-level group access control; wide-area multicast communication; Access control; Access protocols; Communication system traffic control; Computer science; Computer security; Cryptography; Educational institutions; Internet; Multicast communication; Unicast;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Network and Distributed System Security, 1995., Proceedings of the Symposium on
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-7027-4
Type :
conf
DOI :
10.1109/NDSS.1995.390649
Filename :
390649
Link To Document :
بازگشت